Hello,
I've been testing my project with some manual tests. One of them consists of deleting cookies ("clean personal info" in firefox) just before submit the login form. Then, I get an error.
The error message is: ActionController::InvalidAuthenticityToken in SessionsController#create
I'm on Rails 2.0.2 with restful_authentication plugin. I'm using default cookie session store, too.
Any idea?
Thanks.
This is Rails CSRF protection kicking in, see:
http://api.rubyonrails.com/classes/ActionController/RequestForgeryProtection.html
Try reloading the page with the form before submitting.
Will.
But can I reload the page automatically before submitting? or I must trust the user to do it... How can I avoid the user getting that exception?
Thanks!
could you try to include prototype in your layout? It's work for me 
Thank you, I tried it, but it doesn't seem to fix the error.